When there is a requirement to use a different token issuer for an application rather than using the default JWT token issuer, we can use the following configuration to define a custom token issuer.
[[oauth.extensions.token_types]]
name = "tokenType1"
issuer = "org.wso2.carbon.identity.oauth2.token.OauthTokenIssuerImpl"
persist_access_token_alias = true
[[oauth.extensions.token_types]]
name = "tokenType2"
issuer = "org.wso2.carbon.identity.oauth2.token.OauthTokenIssuerImpl"
persist_access_token_alias = true
However, the problem is that when we change the token issuer to a custom issuer from the management console, it gets changed to JWT when we make any changes to the particular application from the developer portal.
Hence since APIM supports to use of custom token issuers, it should update only the fields that we change from the dev portal and changing the token issuer back to JWT should be fixed.
Solution
Need to fix the implementation of the application update from the dev portal to avoid changing the token issuer back to JWT
Problem
When there is a requirement to use a different token issuer for an application rather than using the default JWT token issuer, we can use the following configuration to define a custom token issuer.
[[oauth.extensions.token_types]] name = "tokenType1" issuer = "org.wso2.carbon.identity.oauth2.token.OauthTokenIssuerImpl" persist_access_token_alias = true
[[oauth.extensions.token_types]] name = "tokenType2" issuer = "org.wso2.carbon.identity.oauth2.token.OauthTokenIssuerImpl" persist_access_token_alias = true
However, the problem is that when we change the token issuer to a custom issuer from the management console, it gets changed to JWT when we make any changes to the particular application from the developer portal.
Hence since APIM supports to use of custom token issuers, it should update only the fields that we change from the dev portal and changing the token issuer back to JWT should be fixed.
Solution
Need to fix the implementation of the application update from the dev portal to avoid changing the token issuer back to JWT
Affected Component
APIM
Version
4.1.0
Implementation
No response
Related Issues
No response
Suggested Labels
No response